Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for shoutbox by knusperleicht

    CVE-2006-6721 (GCVE-0-2006-6721)

    Vulnerability from nvd – Published: 2006-12-23 11:00 – Updated: 2024-08-07 20:34
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) sbNick or (2) sbKommentar parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/data/vulnerabilities… x_refsource_MISC
    http://secunia.com/advisories/23526 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/21637 vdb-entryx_refsource_BID
    Date Public
    2006-12-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:34:00.452Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/21637.html"
              },
              {
                "name": "23526",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23526"
              },
              {
                "name": "21637",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21637"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-12-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) sbNick or (2) sbKommentar parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-01-10T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/21637.html"
            },
            {
              "name": "23526",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23526"
            },
            {
              "name": "21637",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21637"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6721",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) sbNick or (2) sbKommentar parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.securityfocus.com/data/vulnerabilities/exploits/21637.html",
                  "refsource": "MISC",
                  "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/21637.html"
                },
                {
                  "name": "23526",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23526"
                },
                {
                  "name": "21637",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21637"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6721",
        "datePublished": "2006-12-23T11:00:00.000Z",
        "dateReserved": "2006-12-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:34:00.452Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3989 (GCVE-0-2006-3989)

    Vulnerability from nvd – Published: 2006-08-05 00:00 – Updated: 2024-08-07 18:48
    VLAI
    Summary
    PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/441815/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/2103 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/19273 vdb-entryx_refsource_BID
    http://www.osvdb.org/27709 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/1325 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/21302 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/3090 vdb-entryx_refsource_VUPEN
    Date Public
    2006-08-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:48:39.414Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060801 [Kurdish Security # 21] ShoutBox v4.4 Remote Command Execution",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/441815/100/0/threaded"
              },
              {
                "name": "2103",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2103"
              },
              {
                "name": "shoutbox-index-file-include(28123)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28123"
              },
              {
                "name": "19273",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19273"
              },
              {
                "name": "27709",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/27709"
              },
              {
                "name": "1325",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1325"
              },
              {
                "name": "21302",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21302"
              },
              {
                "name": "ADV-2006-3090",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3090"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060801 [Kurdish Security # 21] ShoutBox v4.4 Remote Command Execution",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/441815/100/0/threaded"
            },
            {
              "name": "2103",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2103"
            },
            {
              "name": "shoutbox-index-file-include(28123)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28123"
            },
            {
              "name": "19273",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19273"
            },
            {
              "name": "27709",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/27709"
            },
            {
              "name": "1325",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1325"
            },
            {
              "name": "21302",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21302"
            },
            {
              "name": "ADV-2006-3090",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3090"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3989",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060801 [Kurdish Security # 21] ShoutBox v4.4 Remote Command Execution",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/441815/100/0/threaded"
                },
                {
                  "name": "2103",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2103"
                },
                {
                  "name": "shoutbox-index-file-include(28123)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28123"
                },
                {
                  "name": "19273",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19273"
                },
                {
                  "name": "27709",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/27709"
                },
                {
                  "name": "1325",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1325"
                },
                {
                  "name": "21302",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21302"
                },
                {
                  "name": "ADV-2006-3090",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3090"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3989",
        "datePublished": "2006-08-05T00:00:00.000Z",
        "dateReserved": "2006-08-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:48:39.414Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6721 (GCVE-0-2006-6721)

    Vulnerability from cvelistv5 – Published: 2006-12-23 11:00 – Updated: 2024-08-07 20:34
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) sbNick or (2) sbKommentar parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/data/vulnerabilities… x_refsource_MISC
    http://secunia.com/advisories/23526 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/21637 vdb-entryx_refsource_BID
    Date Public
    2006-12-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:34:00.452Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/21637.html"
              },
              {
                "name": "23526",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23526"
              },
              {
                "name": "21637",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21637"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-12-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) sbNick or (2) sbKommentar parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-01-10T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/21637.html"
            },
            {
              "name": "23526",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23526"
            },
            {
              "name": "21637",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21637"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6721",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) sbNick or (2) sbKommentar parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.securityfocus.com/data/vulnerabilities/exploits/21637.html",
                  "refsource": "MISC",
                  "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/21637.html"
                },
                {
                  "name": "23526",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23526"
                },
                {
                  "name": "21637",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21637"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6721",
        "datePublished": "2006-12-23T11:00:00.000Z",
        "dateReserved": "2006-12-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:34:00.452Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3989 (GCVE-0-2006-3989)

    Vulnerability from cvelistv5 – Published: 2006-08-05 00:00 – Updated: 2024-08-07 18:48
    VLAI
    Summary
    PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/441815/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/2103 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/19273 vdb-entryx_refsource_BID
    http://www.osvdb.org/27709 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/1325 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/21302 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/3090 vdb-entryx_refsource_VUPEN
    Date Public
    2006-08-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:48:39.414Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060801 [Kurdish Security # 21] ShoutBox v4.4 Remote Command Execution",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/441815/100/0/threaded"
              },
              {
                "name": "2103",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2103"
              },
              {
                "name": "shoutbox-index-file-include(28123)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28123"
              },
              {
                "name": "19273",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19273"
              },
              {
                "name": "27709",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/27709"
              },
              {
                "name": "1325",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1325"
              },
              {
                "name": "21302",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21302"
              },
              {
                "name": "ADV-2006-3090",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3090"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060801 [Kurdish Security # 21] ShoutBox v4.4 Remote Command Execution",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/441815/100/0/threaded"
            },
            {
              "name": "2103",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2103"
            },
            {
              "name": "shoutbox-index-file-include(28123)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28123"
            },
            {
              "name": "19273",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19273"
            },
            {
              "name": "27709",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/27709"
            },
            {
              "name": "1325",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1325"
            },
            {
              "name": "21302",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21302"
            },
            {
              "name": "ADV-2006-3090",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3090"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3989",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060801 [Kurdish Security # 21] ShoutBox v4.4 Remote Command Execution",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/441815/100/0/threaded"
                },
                {
                  "name": "2103",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2103"
                },
                {
                  "name": "shoutbox-index-file-include(28123)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28123"
                },
                {
                  "name": "19273",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19273"
                },
                {
                  "name": "27709",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/27709"
                },
                {
                  "name": "1325",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1325"
                },
                {
                  "name": "21302",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21302"
                },
                {
                  "name": "ADV-2006-3090",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3090"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3989",
        "datePublished": "2006-08-05T00:00:00.000Z",
        "dateReserved": "2006-08-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:48:39.414Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }